WORLD JOURNAL OF INNOVATION AND MODERN TECHNOLOGY (WJIMT)
E-ISSN 2504-4766
P-ISSN 2682-5910
VOL. 8. NO. 2 2024
DOI: 10.56201/wjimt.v8.no2.2024.pg71.89
Okusi, Oluwatobiloba
As the demand for and use of web applications increase daily, the cyber security threats against them are increasing alarmingly as well. A Cross-Site Scripting (XSS) attack is one in which an attacker exploits website and web application vulnerabilities by injecting arbitrary web requests into a web page viewed by other users, or by storing unauthorized cookies, thereby attacking and harming the owners’ sites and accounts. This study explores XSS attacks and proposes some cyber security techniques for detecting and preventing XSS. The results of the analysis show that the proposed Deep Forest (DF) model, alongside some other AI techniques, can help address the issue of class imbalance, an aspect of XSS neglected by extant studies. In conclusion, the study contributes to solving some critical issues of cyber security. Researchers are charged to take up more studies on XSS, with specific focus on DF and class imbalance in cyber security, towards addressing more national and international cyber security threats and effects.
Cyber security, Cross-site scripting, Techniques, Detecting, Preventing